Thursday, December 26, 2024
Google search engine
HomeData Modelling & AIWhat is User Privileges in Ethical Hacking ?

What is User Privileges in Ethical Hacking ?

Ever wondered why aren’t you able to make changes (moving, deleting) to some files/folders as a normal user on your system? It is because some files/folders are set up in a way to be only accessed by the Administrator or Super User i.e. it only allows the System Administrator to make changes.

As a simple example, a normal user is prevented from making changes to Operating System files but the administrator is allowed to do so as it is a part of maintaining a system.

 

But there is a term called Privilege Escalation, which basically means elevation of privileges of a normal user to that of Administrator or Super-User by providing the password.

This can be done with this command in the terminal.

sudo su

After putting in this command you’ll be prompted to enter the administrator’s password.

Note: You will not see the password being typed for security reasons.

This also gives rise to a potential number of cyber attacks, in which the attacker exploits a bug, obtains high-level privileges, and performs unauthorized actions that are often harmful to the client or the institution. These are also called privilege escalation exploits.

Steps of Privilege Escalation Attacks:

Generally, this type of attack is preceded by reconnaissance and some steps included are:

There are various possible techniques for Performing a Privilege Escalation Attack, one of them is attackers can use Credential Harvesting or Social Engineering techniques to obtain the credentials of a particular user. And as soon as attackers get into the institute’s network, they use compromised credentials and bypass access controls hence the attacker gained. There are other many other possible techniques to perform a Privilege Escalation Attack.

To prevent these types of attacks you may refer to Prevent Broken Access Control.

Whether you’re preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape, lazyroar Courses are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we’ve already empowered, and we’re here to do the same for you. Don’t miss out – check it out now!

RELATED ARTICLES

Most Popular

Recent Comments